• Zach Biles

Backup Cisco, MikroTik, and PaloAlto with Ansible

Check out my GitHub for these Ansible playbooks. Some folks are starting to use Git for device backups as it provides diffs and backup capability. For those who don't have this kind of infrastructure available to them, I have written some playbooks that will do local backups to .txt files that can be displayed on a web server for easy browsing. In some environments IT Security won't allow configs to be backed up in a cloud setting or have other requirements, so this allows network administrators to host their backups on any internal Linux box they can run Ansible on.

These jobs backup the device, clean up dynamic pieces of the config like last configuration time, and other bits that might normally change from day to day (to prevent false positives on config changes), and outputs a diff as a .html file by comparing today's backup with yesterday's. If there are changes since yesterday, the job dumps the .html colored diff file out to a directory on your AWX/Ansible host as well.

I like to throw these up on an Nginx web server with a basic username and password to view since there can be sensitive information. This makes viewing easy, and you can also quickly grep through the backups on the server to monitor compliance in your configurations or look for bad config settings.




130 views0 comments

Recent Posts

See All

AWX Isolated Nodes Broken after AWX Upgrade

tl;dr: Python2 strikes back! Always use Python3. Ran into this issue after an upgrade of AWX from 14.0.0 to 15.0.1, where jobs will just fail with no output in AWX showing what happened. Just a blank

Variables in Ansible

This will be a short post today, feeling pretty dumb. Just learned the hard way that Ansible variable names can not start with numbers. It even says so in the first line of the documentation on variab